Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Sum Gai: Badly coded ransomware locks away data forever
BBC News ^ | November 9, 2915 | Sum Gai

Posted on 11/09/2015 10:18:51 AM PST by sparklite2

Power Worm infects Microsoft Word and Excel files but the latest poorly written update of it goes after many more types of data files it finds on a victim's machine.

Malware researcher Nathan Scott discovered the variant and uncovered the mistakes its creator made when updating it.

Mr Scott believes the errors arose when the creator tried to simplify the decryption process. They tried to make it use just one decryption key but mangled the process of generating it. As a result, there is no key created for the files it encrypts when it compromises a computer.

(Excerpt) Read more at bbc.com ...


TOPICS: Chit/Chat
KEYWORDS: ulikesumgai
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-64 next last

1 posted on 11/09/2015 10:18:51 AM PST by sparklite2
[ Post Reply | Private Reply | View Replies]

To: sparklite2

you just can’t find good hackers these days.


2 posted on 11/09/2015 10:19:38 AM PST by JohnBrowdie (http://forum.stink-eye.net)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JohnBrowdie

It’s crap like this that gives extortion a bad name.


3 posted on 11/09/2015 10:21:28 AM PST by sparklite2 (All will become clear when it is too late to matter.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: sparklite2

I would hate to think that people involved in criminal extortion would be liars as well.


4 posted on 11/09/2015 10:21:30 AM PST by Billthedrill
[ Post Reply | Private Reply | To 1 | View Replies]

To: sparklite2

Make sure you have
1)Avast Anti-Virus
2)MalwareBytes
3) CCleaner

AND USE THEM!

They are all free for home use and are the best

If you get one of these ransomware threats immediately shut off the power on your computer- it usually stops it from doing any damage and you can reboot normally

DONT CLICK ON ANYTHING


5 posted on 11/09/2015 10:23:40 AM PST by Mr. K (If it is HilLIARy -vs- Jeb! then I am writing-in Palin/Cruz)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JohnBrowdie
you just can’t find good hackers these days.

That's exactly why we need more H1-B visas!

</sarc>

6 posted on 11/09/2015 10:26:30 AM PST by Rodamala
[ Post Reply | Private Reply | To 2 | View Replies]

To: sparklite2
Haven't you heard? They are the latest protected class.

MSNBC GUEST: PEOPLE WITH CRIMINAL RECORDS ARE DISCRIMINATED AGAINST.

-PJ

7 posted on 11/09/2015 10:26:56 AM PST by Political Junkie Too (If you are the Posterity of We the People, then you are a Natural Born Citizen.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Mr. K

Add to that Glary Utilities......................

http://www.glarysoft.com/


8 posted on 11/09/2015 10:26:58 AM PST by Red Badger (READ MY LIPS: NO MORE BUSHES!...............)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Mr. K

Another must have is SpyBot.


9 posted on 11/09/2015 10:28:05 AM PST by sparklite2 (All will become clear when it is too late to matter.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: sparklite2

I seriously support the death penalty for hackers who release such malware. Any age, nationality, etc. No excuses, no appeal.
I would pull the trigger, push the plunger, spring the trap door, flip the electric switch, twist the garrote, crack the four horses on the ass, whatever.

These menaces make life suck more and cost everyone hundreds of millions of dollars. Yes, I would kill you over my digital music and photos.


10 posted on 11/09/2015 10:32:08 AM PST by DesertRhino ("I want those feeble minded asses overthrown,,,")
[ Post Reply | Private Reply | To 1 | View Replies]

To: DesertRhino

They suck, but at least they don’t call me every day claiming to be Kevin with news about my credit cards.


11 posted on 11/09/2015 10:34:47 AM PST by sparklite2 (All will become clear when it is too late to matter.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: JohnBrowdie

As a software developer I can easily see how that could happen.

Most developers left to their own devices will not thoroughly test software. Hell, self testing is both boring and humbling. The permutations and combinations are almost endless.


12 posted on 11/09/2015 10:36:16 AM PST by ImJustAnotherOkie
[ Post Reply | Private Reply | To 2 | View Replies]

To: Mr. K

I just use ESET and common sense.


13 posted on 11/09/2015 10:39:22 AM PST by Ingtar (Capitulation is the enemy of Liberty, or so the recent past has shown.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: sparklite2

Solid point. I would hope they would watch what happened to the hackers and change their ways.


14 posted on 11/09/2015 10:42:49 AM PST by DesertRhino ("I want those feeble minded asses overthrown,,,")
[ Post Reply | Private Reply | To 11 | View Replies]

To: sparklite2

Ghostery and NoScript


15 posted on 11/09/2015 10:43:30 AM PST by Paladin2 (my non-desktop devices are no longer allowed to try to fix speling and punctuation, nor my gran-mah.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: ImJustAnotherOkie

Integration with billions of lines code written by millions of peeps seems impossible.


16 posted on 11/09/2015 10:45:13 AM PST by Paladin2 (my non-desktop devices are no longer allowed to try to fix speling and punctuation, nor my gran-mah.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Mr. K; All
May I also suggest:

CryptoPrevent

To read more, here is very informative info: CryptoLocker Ransomware Information Guide and FAQ

I do not know if this new ransomware operates the same way, but I'm guessing maybe it does in which case CrytoPrevent (there is a 'free' product) would be useful to have - I run it on my computers after a relative's business got ransomware (put them down for a week) & someone I know got it on their personal computer.

It is my understanding that if your backups are connected to your computer, they will be encrypted as well.

From link:

When you discover that a computer is infected with CryptoLocker, the first thing you should do is disconnect it from your wireless or wired network. This will prevent it from further encrypting any files. Some people have reported that once the network connection is disconnected, it will display the CryptoLocker screen.

17 posted on 11/09/2015 10:46:37 AM PST by Qiviut
[ Post Reply | Private Reply | To 5 | View Replies]

To: Mr. K

Better Yet Mr K is to have a robust GoBack system like rollbackRX

Virus hits? Do a rollback before windows starts up, virus is completely gone and you are back up and running


18 posted on 11/09/2015 10:52:36 AM PST by Bob434
[ Post Reply | Private Reply | To 5 | View Replies]

To: DesertRhino

NO NO NO NO NO!!!!!!!!!!!!!!!!!!!!!

They must be tortured first.


19 posted on 11/09/2015 10:53:07 AM PST by Mr. K (If it is HilLIARy -vs- Jeb! then I am writing-in Palin/Cruz)
[ Post Reply | Private Reply | To 10 | View Replies]

To: sparklite2

any defense against this malware?


20 posted on 11/09/2015 10:53:26 AM PST by 353FMG
[ Post Reply | Private Reply | To 3 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-64 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson